RSA SecureID Token FAQ

What is a RSA SecureID token?
o The token is a physical device which generates a random password. This
provides what is known as two factor authentication. Two factor
authentication involves using "something you have" and "something you
know" and usually consists of using a password and another form of
authentication such as a smart card, biometric data (fingerprints, retinal
scan) or token.

Why do I need a RSA SecureID token?
o





Page 1 of 2
August 5, 2008
Certain administrative systems are restricted and only accessible from oncampus. Employees that are required to access administrative systems, such
as Banner, from off-campus will need a token.
How do I obtain an RSA SecureID token
o To request an RSA SecureID token, fill out the RSA Token Request
Form located at
http://www.indstate.edu/oit/documentation/RSA%20Token%20Requ
est%20Form.pdf. The instructions are located at the bottom of the
form.
What administrative systems can be accessed through the use of an RSA
SecureID token?
o Banner
o Other systems will be added in the future.
What is the cost to my department for an RSA SecureID token?
o The initial cost to a department for a staff member to have a token
assigned to them is $75.00. This includes the first year of
maintenance and approximately half of the purchase price of the
token. Each year afterward the department is responsible for the
annual maintenance fee of $40.00.
o The tokens life span is two years. The department should plan on
budgeting for the replacement cost every two years. In order to
allow for price increases, it is recommended that $50 be used for
budgeting purposes.
What do I do if my token is lost or damaged?
o Notify OIT by contacting the Help Desk (2910) that the token is lost or
damaged and whether a replacement is desired. It is the
responsibility of the department to pay for a replacement
Can I share my token with another employee?
RSA SecureID Token FAQ






Page 2 of 2
August 5, 2008
o Tokens are not to be shared. The tokens are registered to their
owner and the owner is responsible for their use and security.
Can I use the token with my own personal PC?
o For security reasons, tokens should be used only with Universityprovided computers. Under Indiana laws passed in 2006 you can be
held criminally liable for data breaches under certain circumstances.
Please review Indiana code 4-1-10 and 4-1-11 at
http://www.in.gov/legislative/
Can support staff receive a token?
o Yes, support staff can receive a token. It is recommended that the
department check with HR to review policies and/or procedures that
may affect employees in this category who perform work from home.
Under what conditions does a token have to be returned to OIT?
o Employee leaves the University.
o Employee accepts another position in a different department.
o Supervisor determines that the employee no longer needs access
from off-campus.
What is the process to return a token?
o The employee needs to return the token to the central desk in Rankin
Hall.
Can a token just be kept within a department when an employee leaves
and then given to a new employee?
o No, the token must be returned to OIT as stated above. The new
employee must fill out the request form and go through the standard
approval process.
If a department determines that their employees no longer need to work
from off-campus and return the tokens, is part of the annual maintenance
refunded?
o No, the department is responsible for the entire year of maintenance.